search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.5k stars 3.85k forks source link

aws-sso: PermissionSet InlinePolicy type should be string #26868

Closed bellmatt closed 1 year ago

bellmatt commented 1 year ago

Describe the bug

I get this error after upgrading from CDK v1.84.0 to v2 or latest v1:

RuntimeError: Error: Resolution error: Supplied properties not correct for "CfnPermissionSetProps"
  inlinePolicy: "{\"Statement\": [ [...] ] }" should be an 'object'.

AWS::SSO::PermissionSet InlinePolicy has PrimitiveType was set to Json here: https://github.com/aws/aws-cdk/blob/main/packages/%40aws-cdk/cfnspec/spec-source/specification/000_cfn/000_official/000_AWS_SSO.json#L152-L157

However, the examples and descriptions on the CloudFormation docs show this as a json string instead: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sso-permissionset.html#cfn-sso-permissionset-inlinepolicy

The 000_AWS_SSO.json file linked above did not exist on the working version (1.84.0), so this may be why the error happens after upgrading

Expected Behavior

Allow a json string for the InlinePolicy property

Current Behavior

RuntimeError: Error: Resolution error: Supplied properties not correct for "CfnPermissionSetProps"
  inlinePolicy: "{\"Statement\": [ [...] ] }" should be an 'object'.

Reproduction Steps

Use CDK to deploy a template with an inline policy containing a json string like this

Resources:
  MyPermissionSet:
    Type: AWS::SSO::PermissionSet
    Properties:
      InstanceArn: arn
      Name: foo
      Description: bar
      InlinePolicy: '{"Statement": [...] }'

Possible Solution

The 000_AWS_SSO.json file linked above did not exist on our working version (1.84.0), so assuming this is why the error happens

Additional Information/Context

No response

CDK CLI Version

1.204.0

Framework Version

No response

Node.js Version

Any

OS

Any

Language

Python

Language Version

Python 3.8

Other information

No response

pahud commented 1 year ago

Can you share a smallest CDK code that reproduces this issue?

github-actions[bot] commented 1 year ago

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.